Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris

Re^2: Change a user's Kerberos Password?

by Anonymous Monk
on Nov 05, 2010 at 20:47 UTC ( #869753=note: print w/replies, xml ) Need Help??

in reply to Re: Change a user's Kerberos Password?
in thread Change a user's Kerberos Password?

Looking at the change_LDAP_password function in locksmith (at least in trunk) I notice you are hashing and replacing the attribute directly. It is probably easier/cleaner/better? to test for and use the ldap exop for password changes:

$msg = $ldaph->set_password(user => $dn, newpasswd => $newpass, oldpasswd => $oldpass);

This will let stuff like the openLdap smpk5pwd and ppolicy modules take care of other password related stuff like syncing NT/LANMAN passwords (needed for MSCHAP/eap/peap for wifi via radius) and password policy enforcement on the server. It also handles the encryption on the server with whatever standard the admin has setup in it there.

  • Comment on Re^2: Change a user's Kerberos Password?

Replies are listed 'Best First'.
Re^3: Change a user's Kerberos Password?
by 5mi11er (Deacon) on Apr 22, 2013 at 14:37 UTC
    Probably an excellent suggestion, but I haven't had to use that system in a while, and no longer have access to those systems, so I have no way of easily testing whether that would work or not.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://869753]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (5)
As of 2017-12-14 21:06 GMT
Find Nodes?
    Voting Booth?
    What programming language do you hate the most?

    Results (410 votes). Check out past polls.